darrenpmeyer · June 28, 2022 13:55
diff --git a/start-gocryptfs.sh b/start-gocryptfs.sh
 #!/usr/bin/env bash
 set -euo pipefail

 ## encrypted files; script will create this. Put in a synced folder
 ENCRYPTED_FOLDER="~/Dropbox/encrypted"

 ## mountpoint; script will create this. Should stay empty when not mounted!
 ## DO NOT PUT THIS IN A SYNCED FOLDER - DOING SO WILL SYNC UNENCRYPTED DATA
 MOUNTPOINT="~/.local/cloudmount/Dropbox-Encrypted"

 ## NOTE: FUSE (macFUSE/osxFUSE) is required. https://osxfuse.github.io/
 if ! [ -d "/Library/PreferencePanes/macFUSE.prefPane/" ]
 then
   >&2 echo "macFUSE/osxFUSE is required, but not found"
   >&2 echo "NONFREE; install from https://osxfuse.github.io/"
   exit 123
 fi

 if !(touch /usr/local/bin/gocryptfs && rm /usr/local/bin/gocryptfs)
 then
  >&2 echo "FATAL: can't write to /usr/local/bin"
  exit 1
 fi

 ## build and install gocryptfs
 repodir="${TMPDIR}/gocryptfs"
 workdir="$(pwd)"
 mkdir -p "${repodir}"

 git clone https://github.com/rfjakob/gocryptfs.git "${repodir}"
 cd "${repodir}"
 ./build-without-openssl.bash

 if ! [ -x ./gocryptfs ]
 then
  >&2 echo "FATAL GoCryptFS not built. Leaving '${repodir}' in place to investigate"
  exit 1
 fi

 cp ./gocryptfs /usr/local/bin
 cd "${workdir}"
 rm -R "${repodir}"

 ## set up the encrypted filesystem
 >&2 echo "Setting up encrypted filesystem in ${ENCRYPTED_FOLDER}"
 >&2 echo "!!! Choose a strong passphrase and record the master key somewhere safe !!!"
 mkdir -p "${ENCRYPTED_FOLDER}"
 mkdir -p "${MOUNTPOINT}"

 gocryptfs -init "${ENCRYPTED_FOLDER}"
 read -p "NOTE YOUR MASTER KEY, then press <Enter> to continue"
 gocryptfs "${ENCRYPTED_FOLDER}" "${MOUNTPOINT}"

 >&2 cat << EOM
 Encrypted filesystem in '$ENCRYPTED_FOLDER'
   mounted to directory '$MOUNTPOINT'
   
 To unmount: 'umount "$MOUNTPOINT"'
 To remount: 'gocryptfs "$ENCRYPTED_FOLDER" "$MOUNTPOINT"'

 !! PLEASE MAKE SURE YOU HAVE YOUR MASTER KEY STORED SAFELY
 EOM
	#!/usr/bin/env bash
	set -euo pipefail

	## encrypted files; script will create this. Put in a synced folder
	ENCRYPTED_FOLDER="~/Dropbox/encrypted"

	## mountpoint; script will create this. Should stay empty when not mounted!
	## DO NOT PUT THIS IN A SYNCED FOLDER - DOING SO WILL SYNC UNENCRYPTED DATA
	MOUNTPOINT="~/.local/cloudmount/Dropbox-Encrypted"

	## NOTE: FUSE (macFUSE/osxFUSE) is required. https://osxfuse.github.io/
	if ! [ -d "/Library/PreferencePanes/macFUSE.prefPane/" ]
	then
	>&2 echo "macFUSE/osxFUSE is required, but not found"
	>&2 echo "NONFREE; install from https://osxfuse.github.io/"
	exit 123
	fi

	if !(touch /usr/local/bin/gocryptfs && rm /usr/local/bin/gocryptfs)
	then
	>&2 echo "FATAL: can't write to /usr/local/bin"
	exit 1
	fi

	## build and install gocryptfs
	repodir="${TMPDIR}/gocryptfs"
	workdir="$(pwd)"
	mkdir -p "${repodir}"

	git clone https://github.com/rfjakob/gocryptfs.git "${repodir}"
	cd "${repodir}"
	./build-without-openssl.bash

	if ! [ -x ./gocryptfs ]
	then
	>&2 echo "FATAL GoCryptFS not built. Leaving '${repodir}' in place to investigate"
	exit 1
	fi

	cp ./gocryptfs /usr/local/bin
	cd "${workdir}"
	rm -R "${repodir}"

	## set up the encrypted filesystem
	>&2 echo "Setting up encrypted filesystem in ${ENCRYPTED_FOLDER}"
	>&2 echo "!!! Choose a strong passphrase and record the master key somewhere safe !!!"
	mkdir -p "${ENCRYPTED_FOLDER}"
	mkdir -p "${MOUNTPOINT}"

	gocryptfs -init "${ENCRYPTED_FOLDER}"
	read -p "NOTE YOUR MASTER KEY, then press <Enter> to continue"
	gocryptfs "${ENCRYPTED_FOLDER}" "${MOUNTPOINT}"

	>&2 cat << EOM
	Encrypted filesystem in '$ENCRYPTED_FOLDER'
	mounted to directory '$MOUNTPOINT'

	To unmount: 'umount "$MOUNTPOINT"'
	To remount: 'gocryptfs "$ENCRYPTED_FOLDER" "$MOUNTPOINT"'

	!! PLEASE MAKE SURE YOU HAVE YOUR MASTER KEY STORED SAFELY
	EOM